[Samba] once again reverse DNS - bind_dlz
L.P.H. van Belle
belle at bazuin.nl
Thu May 20 13:22:31 UTC 2021
Reason this happens is most probely that the PC is not the "owner" of the dns A record and that it cant update. Or correct the rights on the dns records, or just remove the A+AAAA and PTR records and reboot the pc.
But in the end thats all irrelevant, first this.
Test_Lap << that name.
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/naming-conventions-for-computer-domain-site-ou#:~:text=DNS%20names%20can%20contain%20only,components%20of%20domain%20style%20names.
Quote..
Disallowed characters
DNS host names can't contain the following characters:
underscore (_)
So thats one to fix first.
Make sure you NETBIOS names match with what the DNS allows.
In characters used/allowed/not allowed
In Lenghts of hostnames and allowed etc etc..
There more on that.
Above microsoft link shows all you need to know to setup with a minimal chance on conflicts.
There are ways to "allow" that underscore
You can add : check-names ignore; in the bind config, but i DONT recommend it, because debugging will be harder if thats needed.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Rowland penny via samba
> Verzonden: donderdag 20 mei 2021 14:34
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] once again reverse DNS - bind_dlz
>
> On 20/05/2021 13:26, Jan JMPBL via samba wrote:
> > Hi again,
> >
> > dhcp configured as per the SAMBA wiki.
> > Workstations update automatically.
> > generally - almost everything works :)
> >
> > sometimes errors occur:
> >
> > May 20 14:08:37 ad named [8041]: samba_dlz: disallowing
> update of signer =
> > TEST_LAP \ $ \ @ TEST.LAN name = Test_Lap.test.lan type =
> AAAA error =
> > insufficient access rights
> > May 20 14:08:37 ad named [8041]: client @ 0x7f11fc021e30
> 10/10/10.101 #
> > 50217 / key TEST_LAP \ $ \ @ TEST.LAN: updating zone
> 'test.lan / NONE':
> > update failed: rejected by secure update ( REFUSED)
>
>
> You need to stop your Windows clients from trying to update their own
> records.
>
> >
> > I added lines to smb.conf:
> >
> > dns update command = / usr / sbin / samba_dnsupdate --use-samba-tool
> > allow dns updates = nonsecure and secure
> >
> > unfortunately it doesn't work
>
>
> It wouldn't, those lines have nothing to do with your problem.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list